SHA256: 425580309f7a2a5567f21a594ef58770b903595900d17c9a0c934d7999acdc20
File name: output.113930195.txt
Detection ratio: 32 / 62
Analysis date: 2018-08-31 21:03:34 UTC (8 months, 3 weeks ago)
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180831
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180831
Alibaba A.H.Pay.Qnmrkz 20180713
Arcabit Android.Riskware.SmsPay.ADR 20180831
Avira (no cloud) ANDROID/Agent.tcmai 20180831
BitDefender Android.Riskware.SmsPay.ADR 20180831
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180831
Cyren ZIP/Trojan.CYLE-0 20180831
DrWeb Android.Xiny.1513 20180831
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180831
ESET-NOD32 a variant of Android/Agent.AYL 20180831
F-Secure Android.Riskware.SmsPay 20180831
Fortinet Android/Generic.Z.2E1983!tr 20180831
GData Android.Riskware.SmsPay.ADR 20180831
Ikarus PUA.AndroidOS.SMSreg 20180831
Jiangmin RiskTool.AndroidOS.fsyl 20180831
K7GW Trojan ( 00537fa91 ) 20180831
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180831
MAX malware (ai score=99) 20180831
McAfee Artemis!8556491C7669 20180831
McAfee-GW-Edition Artemis!PUP 20180831
eScan Android.Riskware.SmsPay.ADR 20180831
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180831
Qihoo-360 Trojan.Android.Gen 20180831
Sophos AV Andr/Rootnik-AI 20180831
Symantec PUA.Gen.2 20180831
Symantec Mobile Insight AppRisk:Generisk 20180831
Tencent a.payment.movers 20180831
TrendMicro-HouseCall Suspicious_GEN.F47V0830 20180831
Trustlook Android.Malware.General 20180831
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180831
Zoner Trojan.AndroidOS.SmsPay.C 20180830
AegisLab 20180831
ALYac 20180831
Antiy-AVL 20180831
Avast 20180831
Avast-Mobile 20180831
AVG 20180831
AVware 20180823
Babable 20180822
Baidu 20180830
Bkav 20180831
ClamAV 20180831
CMC 20180831
Comodo 20180831
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180831
eGambit 20180831
Endgame 20180730
F-Prot 20180831
Sophos ML 20180717
K7AntiVirus 20180831
Kingsoft 20180831
Malwarebytes 20180831
Microsoft 20180831
Palo Alto Networks (Known Signatures) 20180831
Panda 20180831
Rising 20180831
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180831
TACHYON 20180831
TheHacker 20180829
TotalDefense 20180831
TrendMicro 20180831
VBA32 20180831
VIPRE 20180831
ViRobot 20180831
Webroot 20180831
Yandex 20180831
Zillya 20180831
The file being studied is Android related, more specifically an Android APK file. The application's main package name is com.znkogvev.bbjmtmyj. The internal version number of the application is 7868011. The displayed version string of the application is 3.06. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
com.mobile.bumptech.ordinary.miniSDK.SDK.intf.MActivity
Services
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.j2y.p3.CLService
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files: 106
Uncompressed size: 2800328
Highest datetime: 2018-08-29 18:59:14
Lowest datetime: 2018-08-29 18:53:04
Contained files by extension
xml: 49
png: 42
jpg: 2
so: 2
dex: 1
MF: 1
cf: 1
RSA: 1
dat: 1
SF: 1
pl: 1
Contained files by type
XML: 48
PNG: 42
unknown: 11
ELF: 2
JPG: 2
DEX: 1
File identification
MD5 8556491c7669f16b92e9df3da9f973bf
SHA1 19c2da4327439cc7fb5030f5862f2e19b3953ed8
SHA256 425580309f7a2a5567f21a594ef58770b903595900d17c9a0c934d7999acdc20
ssdeep 24576:pQunieY5tll7u/ukFi7QWCbjT2LyGjO4GYnvXnvLRmpOwybsRhvCzWW:pQ3ektpkA7QWcxGjRrnPnjROnO

File size 1.6 MB ( 1713174 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (72.9%)
Java Archive (20.1%)
ZIP compressed archive (5.5%)
PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags apk android xorcrypt contains-elf

VirusTotal metadata
First submission 2018-08-30 02:33:53 UTC ( 8 months, 3 weeks ago )
Last submission 2018-09-10 19:17:57 UTC ( 8 months, 1 week ago )
File names output.113930195.txt
output.113793200.txt
output.113930794.txt
output.113793764.txt
output.113855951.txt
宅男TV44278.apk
output.113855666.txt
xb7TV44278.apk
output.113820079.txt
output.113857010.txt
output.113855947.txt
output.113855560.txt
output.113856400.txt
output.113793373.txt
output.113819917.txt
output.113820723.txt
output.113931093.txt
output.113794216.txt
output.113820401.txt
output.113794544.txt